#2 Ansible and AWS

Episode #2 - 14 minutes - Tuesday 10/15/2013
By using Ansible in combination with AWS, you can achieve high levels of automation quickly and easily. This episode shows you how to install Ansible, configure the EC2 inventory plugin, perform ad-hoc tasks on instances, and how to write a few playbooks to automate processes.

Show Notes

Install Ansible and dependencies

git clone git@github.com:ansible/ansible.git
cd ansible
source ./hacking/env-setup
sudo pip install paramiko PyYAML jinja2 --upgrade

Set up EC2 inventory plugin as the default inventory for Ansible

sudo mkdir /etc/ansible
sudo chown $USER /etc/ansible
cd /etc/ansible
cp ~/ansible/plugins/inventory/ec2.* .
mv ec2.py hosts
./hosts

Create .boto config file

cat > ~/.boto
[Credentials]
aws_access_key_id = <your_access_key_here>
aws_secret_access_key = <your_secret_key_here>

To run inventory at any time:

/etc/ansible/hosts

Add SSH keypair to SSH agent

ssh-add ~/.ssh/id_rsa

Test SSH connection to instance without specifying the keypair on the command line:

ssh ubuntu@ec2-1-2-3-4.compute.amazonaws.com

Ansible ping to all instances, SSHing as the ubuntu user:

ansible -m ping -u ubuntu all

Ansible ping to all instances, SSHing as the ec2-user user:

ansible -m ping -u ec2-user all

Targeting groups of instances:

ansible -m ping -u ubuntu us-east-1

ansible -m ping -u ubuntu 'us-west-2:&security_group_web'

ansible -m ping -u ubuntu tag_Name_Episode2

Refresh EC2 inventory cache

/etc/ansible/hosts --refresh-cache

Install AWS CLI Playbook

mkdir playbooks
cd playbooks

install-awscli.yml

---
- name: Install AWS CLI
  user: ubuntu
  sudo: True
  hosts: all
  tasks:
    - name: Install Python PIP
      apt: pkg=python-pip state=latest

    - name: Install boto via PIP
      pip: name=boto state=latest

    - name: Install AWS CLI
      pip: name=awscli state=latest

Execute playbook:

ansible-playbook -l us-west-2 install-awscli.yml

Create local inventory file

cat > /etc/ansible/local
[localhost]
127.0.0.1

provision.yml

---
- name: Example of provisioning servers
  hosts: 127.0.0.1
  connection: local
  tasks:
    - name: Create security group
      local_action:
        module: ec2_group
        name: ep2
        description: Access to the Episode2 servers
        region: us-west-2
        rules:
          - proto: tcp
            from_port: 22
            to_port: 22
            cidr_ip: 0.0.0.0/0

    - name: Launch instances
      local_action:
        module: ec2
        region: us-west-2
        keypair: answersforaws
        group: ep2
        instance_type: m1.small
        image: ami-8635a9b6
        count: 2
        wait: yes
      register: ec2

    - name: Add EP2 instances to host group
      local_action: add_host hostname={{ item.public_ip }} groupname=ep2
      with_items: ec2.instances

    - name: Add tag to instances
      local_action: ec2_tag resource={{ item.id }} region=us-west-2 state=present
      with_items: ec2.instances
      args:
        tags:
          Name: EP2

    - name: Wait for SSH to be available
      pause: minutes=1


- name: Configure provisioned servers
  hosts: ep2
  user: ubuntu
  sudo: True
  tasks:
    - include: tasks/install-awscli.yml

Run playbook

ansible-playbook -i /etc/ansible/local provision.yml

Resources

Tuesday 10/15/2013 at 12:51pm | Peter Sankauskas
comments powered by Disqus